On Fri, Feb 21, 2014 at 03:06:39AM -0000, [email protected] wrote:
> Author: breser
> Date: Fri Feb 21 03:06:39 2014
> New Revision: 1570434
>
> URL: http://svn.apache.org/r1570434
> Log:
> Fix potential integer overflow in Cyrus SASL support for svnserve.
>
> * subversion/svnserve/cyrus_auth.c
> (try_auth): error if we'll overflow the clientinlen argument to sasl
> functions, typecast to silence the compiler warning.
>
> Modified:
> subversion/trunk/subversion/svnserve/cyrus_auth.c
> - result = sasl_server_step(sasl_ctx, in->data, in->len, &out, &outlen);
> +
> + if (in->len > UINT_MAX)
> + return svn_error_createf(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
> + _("Step response is too long"));
> +
> + result = sasl_server_step(sasl_ctx, in->data, (unsigned) in->len,
> + &out, &outlen);
Nice fix. Can we please write 'unsigned int'? I know there is a
default size, which is probably int, but I already have to remember
so many other idiosyncrasies about C...
